RHSA-2015:0716Medium
Red Hat Security Advisory: openssl security and bug fix update
🔗 CVE IDs covered (9)
📋 Description
CVE-2015-0209 — openssl: use-after-free on invalid EC private key import CVE-2015-0286 — openssl: invalid pointer use in ASN1_TYPE_cmp() CVE-2015-0287 — openssl: ASN.1 structure reuse memory corruption CVE-2015-0288 — openssl: X509_to_X509_REQ NULL pointer dereference CVE-2015-0289 — openssl: PKCS7 NULL pointer dereference CVE-2015-0292 — openssl: integer underflow leading to buffer overflow in base64 decoding CVE-2015-0293 — openssl: assertion failure in SSLv2 servers CVE-2016-0703 — openssl: Divide-and-conquer session key recovery in SSLv2 CVE-2016-0704 — openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers
🔗 References (10)
- selfhttps://access.redhat.com/errata/RHSA-2015:0716
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1196737
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1202366
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1202380
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1202384
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1202395
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1202404
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1202418
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_0716.json